]>
Commit | Line | Data |
---|---|---|
3ef2319d ER |
1 | new bin builder setup |
2 | ||
3 | packages and chroot | |
4 | ~~~~~~~~~~~~~~~~~~~ | |
a60b3c2f | 5 | 1. install pld-builder from th repoistory on target host |
3ef2319d | 6 | |
0811c9fe ER |
7 | 2. create chroot /srv/chroot |
8 | (you can symlink to real dest for the sake of copy-paste from here) | |
9 | mkdir -p /srv/chroot | |
3ef2319d | 10 | |
0811c9fe ER |
11 | - if you're using rpm < 4.5-29, make system rpmdb linked to target rpmdb, as |
12 | rpm gets it all very messy. see LP#395177. | |
13 | mv /var/lib/rpm{,-host} | |
14 | ln -s /srv/chroot/var/lib/rpm /var/lib/rpm | |
7f1451d2 ER |
15 | install -d /srv/chroot/var/lib/rpm |
16 | rpm -r /srv/chroot --initdb | |
17 | ||
18 | therwise it's just: | |
19 | rpm -r /srv/chroot --initdb | |
3ef2319d | 20 | |
c4bb8d09 | 21 | - install distro gpg key as default th config packages are signed and sign verify enabled in config: |
0811c9fe | 22 | rpm -r /srv/chroot --import /etc/pki/rpm-gpg/PLD-*.asc |
823ab54a ER |
23 | |
24 | - setup minimal /dev | |
0811c9fe ER |
25 | install -d /srv/chroot/dev |
26 | cp -a /dev/{full,null,random,urandom,zero} /srv/chroot/dev | |
27 | ||
28 | - install vserver-packages, but as it is usually hidden, so you must unhide it | |
29 | with --noignore: | |
30 | poldek -r /srv/chroot -u vserver-packages -Q --noignore | |
823ab54a | 31 | |
c4bb8d09 AM |
32 | - install pld-builder-chroot from th repos |
33 | poldek -r /srv/chroot -u pld-builder-chroot -Q --sn th --sn th-ready | |
823ab54a | 34 | |
0811c9fe ER |
35 | - make rpmdb readable for builder user |
36 | chmod -R a+rX /srv/chroot/var/lib/rpm | |
3ef2319d ER |
37 | |
38 | - setup /srv/chroot/etc/resolv.conf so if you enter manually you can work with poldek | |
0811c9fe ER |
39 | cat /etc/resolv.conf > /srv/chroot/etc/resolv.conf |
40 | ||
41 | - restore rpmdb hack | |
7f1451d2 | 42 | rm -f /var/lib/rpm |
0811c9fe | 43 | mv /var/lib/rpm{-host,} |
3ef2319d | 44 | |
3ef2319d ER |
45 | gpg keys |
46 | ~~~~~~~~ | |
47 | 1. import src builder key to bin builder so it can download queue.gz | |
48 | ||
7f1451d2 | 49 | src-builder$ gpg --export builder-th-src@pld-linux.org --armor > th-src.asc |
c4bb8d09 | 50 | bin-builder$ gpg --import < th-src.asc |
3ef2319d ER |
51 | |
52 | 2. generate new key for bin builder and import it to src builder so it can | |
53 | accept spool/notify messages | |
54 | ||
3ef2319d | 55 | 3. import that public key to src builder keyring |
7f1451d2 | 56 | bin-builder$ gpg --gen-key |
c4bb8d09 AM |
57 | bin-builder$ gpg --export KEYID --armor > th-i686.asc |
58 | src-builder$ gpg --import < th-i686.asc | |
3ef2319d ER |
59 | |
60 | ssh keys | |
61 | ~~~~~~~~ | |
62 | ||
63 | generate key on bin builder and add it to authorized_keys of ftp account | |
64 | ||
65 | i.e account where you push your uploads: | |
c4bb8d09 AM |
66 | [th-i686] |
67 | ftp_url = scp://fpldth@ep09.pld-linux.org:ftp/.tree/.incoming/i686/ | |
3ef2319d | 68 | |
7645851c ER |
69 | bin-builder$ ssh-keygen |
70 | bin-builder$ ssh-copy-id -i .ssh/id_rsa.pub fpldth@ep09.pld-linux.org | |
71 | ||
3ef2319d ER |
72 | buildlogs |
73 | ~~~~~~~~~ | |
b5c75b4f | 74 | buildlogs are copied with rsync. ask buildlogs.pld-linux.org admin to allow your ip |
924f79a3 | 75 | also you need to setup password that is used to authenticate in rsync-passwords |
3ef2319d ER |
76 | |
77 | sudo access | |
78 | ~~~~~~~~~~~ | |
79 | make sure builder user (who runs crons) can sudo chroot to the chroots: | |
c4bb8d09 | 80 | builder ALL=(ALL) NOPASSWD: /usr/sbin/chroot /home/users/builder/chroot-th * |
3ef2319d ER |
81 | |
82 | testing | |
83 | ~~~~~~~ | |
84 | ||
924f79a3 | 85 | keep /var/lib/pld-builder/spool/log running with tail -f |
3ef2319d | 86 | run the cronjobs under builder account. |